Welcome!
Today’s Agenda
• Welcome/Introduction – Bill Gibbs
• Presentation – Dr. Remzi Seker
• Questions and Answers
• Upcoming Webinars
• Certificate of Participation/eBadge
• Optional Survey
Bill Gibbs
Director Campus Outreach & Webinar Coordinator
Dr. Remzi Seker
• Professor, Computer Science, College of Engineering, ERAU Daytona Beach
• Program Coordinator, MS Cybersecurity Engineering
• Director of the Cybersecurity and Assured Systems Engineering (CyBASE) Center
• Researches security of critical systems and computer forensics. Author of over 90 publications
• Frequently interviewed by media
• Ph.D. in Electrical Engineering and Computer Science, University of Alabama at Birmingham
+
Aviation Cybersecurity: A Concise Introduction
Remzi Seker, Ph.D.
sekerr@erau.edu
Program Coordinator, MS CybE
Embry-Riddle Aeronautical University – Daytona Beach
+
Overview
• The Evolution
• Complexity
• Challenge
• Cybersecurity
• Some Technologies…
  • SWIM
  • Connectivity
  • EMS/GEMS
  • ADS-B
  • UAS
+
The Evolution
• Systems evolve over time
• Aviation systems are no exception
• How do they evolve?
  • Computing
  • Communication
  • Control
• Evolution in these results in new threats
+
The Evolution - 2
• Do new threats surface only because systems evolve?
  • No.
• What else produces new threats?
  • The environment!
• What does evolution have to do with safety or security?
  • Increased threats
  • Increased complexity
+
The Challenge
• Time to ponder.
• Safety-critical systems, e.g. DAL-A (catastrophic), are expensive to develop
• Development is highly regulated
• Changes are expensive
• When the aviation industry develops a technology, the average expected lifetime of the product line is ~30 years
• That’s nice; the question is:
  • How are we going to maintain certification as airplanes turn into flying computers that are networked?
+
Cybersecurity and IoW
• As airframes are increasingly controlled by computers and are connected to terrestrial systems such as SWIM
  • We need to worry about cybersecurity issues
• Many people have heard of the concept Internet of Things (IoT)
  • That doesn’t really apply to aviation systems (too generic)
• What we have here is actually the Internet of Wings (IoW) in the making
+
Some Technologies
• Let’s grasp the big picture: Where are all the computers?
  • Airports: checking, luggage, ground operations, ...
  • Maintenance Workshops
  • National Air Space Operators’ (FAA, EUROCAE, …) systems: SWIM, EMS/GEMS, …
  • Onboard aircraft: ADS-B, ACARS, EFB, …
+
SWIM and Aircraft Connectivity
• We will now identify some threats associated with aircraft connectivity to SWIM
• We will keep our scope limited to EFBs only
+
System Wide Information Management (SWIM)
• Shares National Airspace (NAS) data among the stakeholders
  • Service providers
  • Government agencies
  • Organizations
  • Commercial organizations
• Faster integration of new NAS services
• Message exchange mechanisms
• Discovery of services
• Service performance monitoring
• Secure execution environment
+
Aircraft Access to SWIM (AAtS)
• Current System
  • Voice communication: read-back clarity and frequency interference.
  • Lack of real-time weather modeling, aeronautical, and traffic information
  • Lack of real-time access by the Air Traffic Management (ATM) to flight information and weather information provided by aircraft sensors or crew.
  • Inefficient decision making by the flight crew due to the lack of comprehensive real-time National Airspace (NAS) data.
• AAtS Provides
  • NAS services to the crew via SWIM infrastructure
  • Ground-to-air information exchange between aircraft and NAS services
[Figure: AAtS data flow diagram. Labels: Data Sources, Weather Data, Flight Data, Aeronautical Data, Air Traffic Management System, SWIM, NESG, DMS, AOC/FOC, Control, Command & Control, Situational Data.]
+
AAtS Components
• Aircraft:
  • Mainly a consumer of National Airspace (NAS) data
  • Electronic Flight Bag (EFB) available to the pilot and the crew
  • Also a NAS service provider, supplying sensor data as well as visually observed weather information
  • Data received by the aircraft includes:
    • air traffic management (ATM) data,
    • weather data,
    • notices to airmen (NOTAMs),
    • special activity airspace (SAA),
+
AAtS Components - 2
• Data Management Service (DMS):
  • Responsible for managing the data flow between the NAS Enterprise Security Gateway (NESG) and the aircraft.
  • Manages the access and services among the shared data providers and the data consumer (aircraft).
  • Network establishment
  • Connection to NESG and to the aircraft
  • Service registration, publication, and subscription
  • Protocol translation between the NESG and aircraft client
  • Data filtering, data validation, data provision
• Data Link Service (DLS):
  • Responsible for the network connection between the DMS and the aircraft
  • Provides the network services and routes the data via the appropriate protocol and path
+
Threat Identification
• Access
• Misuse
• Disclose
• Modify
• Deny access
+
Threat Identification
• TH1: Improper traffic from the EFB blocking bandwidth -> Denial of Service (DoS).
[Figure: network diagram of the EFB-DMS path. Labels: EFB (Flight Deck), wired or wireless connection (encrypted), WiFi Access Point / Router, cabin traffic over a wireless connection (plaintext), flight deck traffic over encrypted connections, Aircraft, The Internet, Data Link Service (DLS), DLSP Proxy, DMS Proxy, Firewall + IPS, DMS Server, Certificate Authority. Annotation: Streaming Media.]
+
Threat Identification
• TH2: Cabin user gaining unauthorized access to DLS and conducting DoS through extreme consumption of the bandwidth.
[Figure: network diagram of the EFB-DMS path (EFB, WiFi access point/router, DLS, DLSP proxy, DMS proxy, firewall + IPS, DMS server, certificate authority). Annotations: Device A (in EFB subnet); cabin user gets the EFB WiFi key; malicious outbound DoS packets.]
+
Threat Identification
• TH3: Cabin user gaining unauthorized access to Wireless Access Point/Router to change configuration settings.
[Figure: network diagram of the EFB-DMS path (EFB, WiFi access point/router, DLS, DLSP proxy, DMS proxy, firewall + IPS, DMS server, certificate authority). Annotations: Device A; gains unauthorized access because of weak password of router.]
+
Threat Identification
• TH4: Authenticated cabin user consuming the DLS bandwidth and conducting DoS.
[Figure: network diagram of the EFB-DMS path (EFB, WiFi access point/router, DLS, DLSP proxy, DMS proxy, firewall + IPS, DMS server, certificate authority). Annotations: cabin user; streaming media over encrypted VPN.]
+
Threat Identification
• TH5: Authenticated user conducting reconnaissance on the DLSP’s network for mapping the network along with fingerprinting servers.
[Figure: network diagram of the EFB-DMS path (EFB, WiFi access point/router, DLS, DLSP proxy, DMS proxy, firewall + IPS, DMS server, certificate authority). Annotations: cabin user; run Nmap in network; generate the network map.]
+
Threat Identification
• TH6: External DoS attacks on the DLSP servers by using a discovered IP address/hostnames of servers on the DLSP’s network.
[Figure: network diagram of the EFB-DMS path (EFB, WiFi access point/router, DLS, DLSP proxy, DMS proxy, firewall + IPS, DMS server, certificate authority). Annotations: bandwidth flood and packet flood by EFB user; bandwidth flood and packet flood by external user; attacker carries out external DDoS attack on DLSP Proxy server through packet flood; cabin user carries out external DDoS attack on DLSP Proxy server through packet flood.]
+
Threat Identification
• TH7: Conducting DoS against the Wireless Access Point/Router onboard the aircraft.
[Figure: network diagram of the EFB-DMS path (EFB, WiFi access point/router, DLS, DLSP proxy, DMS proxy, firewall + IPS, DMS server, certificate authority). Annotations: Device A (different subnet); 3 Watt handheld WiFi signal jammer.]
+
Threat Identification
• TH8: MITM attacks on the EFB-DMS path.
[Figure: TH8-Test1 MITM Attack on the EFB-DMS Path. Network diagram (EFB, WiFi access point/router, DLS, DLSP proxy, DMS proxy, firewall + IPS, DMS server, certificate authority). Annotations: EFB (Flight Deck) marked as victim; MITM connection.]
+
Threat Identification
• TH9: DoS/DDoS attacks against the DMS.
[Figure: network diagram of the EFB-DMS path (EFB, WiFi access point/router, DLS, DLSP proxy, DMS proxy, firewall + IPS, DMS server, certificate authority). Annotations: user makes excessive login attempts; DoS and DDoS attack; external DoS and DDoS attack; cabin user makes excessive login attempts and creates DoS and DDoS attack; external user makes excessive login attempts.]
+
AAtS Wrap up
• We went over some of the threats for EFB connectivity
• The next step would be to conduct risk analysis and discuss how the threats can be alleviated
• We didn’t even cover the EMS/GEMS type of subsystems or technologies like AeroMACS
• For the sake of diverse coverage, let’s move on to ADS-B…
+
ADS-B
• ADS-B is the technology that has been heralded by the Federal Aviation Administration (FAA) and other civil aviation authorities as central to modernizing the state of airspace management across the globe
• Chosen under the NextGen Air Transportation System and Single European Sky programs to improve the accuracy of radar-based traffic information used by air traffic controllers
+
Standardization & Adoption
• The ADS-B standard has been jointly developed by RTCA and EUROCAE.
• Within the US, ADS-B implementation is guided by:
  • DO-242A: Minimum Aviation System Performance Standards for Automatic Dependent Surveillance – Broadcast (ADS-B)
  • DO-260B: Minimum Operational Performance Standards for 1090 MHz Extended Squitter ADS-B and TIS-B
  • DO-282B: Minimum Operational Performance Standards for Universal Access Transceiver (UAT) ADS-B
• Already fully deployed in Australia, Europe, and parts of Canada.
• Required equipment within the US in certain airspaces by 2020 [3].
+
ADS-B Intro
• ADS-B intends to improve on its Secondary Surveillance Radar (SSR) predecessors in distinct ways:
  1. It is automatic, in the sense that no controller or pilot action is required to transmit aircraft information to nearby receivers.
  2. It is dependent surveillance, in that the accuracy of transmitted information is dependent on the existence of adequate navigational information onboard the aircraft (e.g. GPS).
  3. It is a one-way broadcast in nature, in the sense that aircraft information is transmitted without a priori knowledge of who will actually receive it.
+
ADS-B Intro
• ADS-B has been approved for operation on two separate data links: 978 MHz and 1090 MHz.
  • The former is referred to as Universal Access Transceiver (UAT), and is intended predominantly for use by general aviation operators.
  • The latter, on the other hand, is generally referred to as Extended Squitter Mode S (1090ES), and is intended predominantly for use by commercial aviation operators.
• ADS-B services can then be further categorized into ADS-B In and ADS-B Out.
  • ADS-B Out consists of all functionality pertaining to the automatic broadcast of aircraft parameters by participants
  • ADS-B In consists of all functionality pertaining to the receipt, processing, and presentation of this information to pilots and controllers
+
ADS-B Intro
• While ADS-B data links exist on separate frequencies, probably the most significant difference between them is the length of messages available to broadcast the same types of information to nearby aircraft.
  • For the 1090ES data link, messages are only 14 bytes long.
  • UAT messages can be anywhere from 18-34 bytes long depending on the payload type.
• As stated by DO-260B, the “maximum ADS-B message transmission rate [for an aircraft] shall not exceed 6.2 transmitted messages per second”
+
ADS-B Fundamentals
• Approved for use on two data links: UAT (978 MHz) & 1090ES (1090 MHz)
  • Let’s focus on the latter, due to resource limitations, constraints, and limited focus within research domain.
• Since the 1090 MHz frequency is shared with all other legacy SSR systems, an ADS-B message begins with the declaration of the ADS-B downlink format number (17).
• Then comes a description of the Mode S transponder (CA), followed by the transponder’s 24-bit ICAO address (AA), message parameters (ME), and parity check bits (PI)

Bit #            1 – 5         6 – 8    9 – 32              33 – 88   89 – 112
Field Name [n]   DF = 17 [5]   CA [3]   AA ICAO Code [24]   ME [56]   PI [24]
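The field layout above, worked through in Python as an added example (not part of the presentation): it splits a 14-byte 1090ES frame into DF, CA, AA, ME and PI and checks the parity bits. The CRC generator 0xFFF409 is the standard Mode S polynomial, which the slide does not state; the function names and the sample frame contents are constructed for illustration.

```python
"""Parse and parity-check a 112-bit 1090ES ADS-B frame (added example).

Layout from the slide: DF [5] | CA [3] | AA [24] | ME [56] | PI [24].
All frame contents below are constructed sample values, not captured traffic.
"""
from dataclasses import dataclass

FRAME_BYTES = 14          # 112 bits, the 1090ES message length
MODE_S_POLY = 0xFFF409    # assumption: standard Mode S CRC-24 (x^24 implicit)
DF_ADSB = 17              # downlink format number for ADS-B


class FrameError(ValueError):
    """Raised when a frame is malformed or fails a check."""


def crc24(data: bytes) -> int:
    """Bitwise CRC-24, most significant bit first, zero initial value."""
    reg = 0
    for byte in data:
        reg ^= byte << 16
        for _ in range(8):
            reg <<= 1
            if reg & 0x1000000:
                reg ^= 0x1000000 | MODE_S_POLY
    return reg & 0xFFFFFF


@dataclass(frozen=True)
class AdsbFrame:
    df: int     # downlink format, bits 1-5
    ca: int     # transponder description, bits 6-8
    icao: int   # 24-bit ICAO address (AA), bits 9-32
    me: bytes   # 56-bit message field, bits 33-88
    pi: int     # 24 parity bits, bits 89-112


def build_frame(ca: int, icao: int, me: bytes) -> bytes:
    """Assemble a DF=17 frame with its parity; used to make test data."""
    if not (0 <= ca < 8 and 0 <= icao < (1 << 24) and len(me) == 7):
        raise FrameError("field out of range")
    head = bytes([(DF_ADSB << 3) | ca]) + icao.to_bytes(3, "big") + me
    return head + crc24(head).to_bytes(3, "big")


def parse_frame(raw: bytes) -> AdsbFrame:
    """Split a frame into the slide's fields, rejecting bad input."""
    if len(raw) != FRAME_BYTES:
        raise FrameError(f"expected {FRAME_BYTES} bytes, got {len(raw)}")
    df = raw[0] >> 3
    if df != DF_ADSB:
        # 1090 MHz is shared with legacy SSR replies, so DF must be checked.
        raise FrameError(f"not an ADS-B message (DF={df})")
    if crc24(raw) != 0:
        # PI is the CRC of the first 88 bits, so an intact frame divides evenly.
        raise FrameError("parity check failed")
    return AdsbFrame(
        df=df,
        ca=raw[0] & 0x07,
        icao=int.from_bytes(raw[1:4], "big"),
        me=raw[4:11],
        pi=int.from_bytes(raw[11:14], "big"),
    )


def demo() -> dict:
    """Parse a constructed frame, then show that a flipped bit is caught."""
    sample = build_frame(ca=5, icao=0xABC123,
                         me=bytes.fromhex("00112233445566"))  # constructed
    frame = parse_frame(sample)
    damaged = bytearray(sample)
    damaged[6] ^= 0x10  # simulate a single-bit transmission error in ME
    try:
        parse_frame(bytes(damaged))
        detected = False
    except FrameError:
        detected = True
    return {"icao": f"{frame.icao:06X}", "pi": f"{frame.pi:06X}",
            "bit_error_detected": detected}


if __name__ == "__main__":
    print(demo())
```

The PI field is a keyless CRC, so a passing parity check shows that the frame arrived intact, not who sent it.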
+
ADS-B Fundamentals
• A variety of ground-to-air services include:
  • Automatic Dependent Surveillance – Rebroadcast (ADS-R): Rebroadcast system to connect UAT and 1090ES.
  • Flight Information Service – Broadcast (FIS-B) (UAT only): Weather flight information system.
  • Traffic Information Service – Broadcast (TIS-B): “ADS-R” that tracks non-ADS-B Mode S flights (SSR).
+
Problem
• There are growing privacy and security concerns within the aviation sector with respect to ADS-B:
  “General aviation operators are concerned about potential privacy and security implications resulting from equipping their aircraft with ADS-B. … The core concern of the operator community is real-time tracking of the geographic location of a specific aircraft”.
• The FAA response was the following:
  “[We have] determined that equipping aircraft with ADS-B does not materially change the ability to track aircraft, because aircraft that currently operate with a Mode S transponder already transmit their ICAO [International Civil Aviation Organization] 24-bit code”.
+
Anonymity
• The UAT data link has provisions for a self-assigned aircraft code that is based on the location at which this feature was enabled.
  • Only available for aircraft that don’t want ATC services, since the true registration identity cannot be determined.
  • No guarantee of aircraft code uniqueness.
  • Aircraft tend to operate on predictable routes or based out of particular airports… too easy to narrow the range of codes for an observer.
• What to do if this won’t work for 1090ES, and if just about all information about an aircraft is available online?
+
Attacks
• These types of attacks are possible
  • Disruption of GPS readings
  • Wireless jamming of surveillance-related communications
  • Manipulation of ADS-B transmissions
    • Message Injection (target ghost injection, flooding)
    • Message Deletion (aircraft obfuscation)
    • Message Modification (trajectory modification, aircraft impersonation)
+
Proposed Measures
• Private Aircraft Registry
• Anonymity Mode for 1090ES
• A hash-based message authentication code (HMAC) of 128 bits to be determined and split across these messages within the PI field
• Others… that end up changing the ADS-B specification…
+
Some Cybersecurity Standards for Aircraft
• Standard development for cybersecurity in the aviation industry has been going on for a few years.
• There is still much work to do; the two most prominent standards are
  • DO-356 Airworthiness Security Methods and Considerations
  • DO-355 Information Security Guidance for Continuing Airworthiness
+
A Few Words on UAS
• Technology rapidly evolving and becoming ubiquitous
• Definitely part of the IoW ecosystem
• Many use case scenarios
• Some legitimate uses
  • Payload sharing
  • UAS as a Service
• Some unpleasant scenarios
  • Terrorism
  • Warfighting
  • ADS-B spoofing
  • …
+
Q&A Time
sekerr@erau.edu @RemziSeker

Barangay Council for the Protection of Children (BCPC) Orientation.pptxCarlos105
 
Q4-PPT-Music9_Lesson-1-Romantic-Opera.pptx
Q4-PPT-Music9_Lesson-1-Romantic-Opera.pptxQ4-PPT-Music9_Lesson-1-Romantic-Opera.pptx
Q4-PPT-Music9_Lesson-1-Romantic-Opera.pptxlancelewisportillo
 
Concurrency Control in Database Management system
Concurrency Control in Database Management systemConcurrency Control in Database Management system
Concurrency Control in Database Management systemChristalin Nelson
 
What is Model Inheritance in Odoo 17 ERP
What is Model Inheritance in Odoo 17 ERPWhat is Model Inheritance in Odoo 17 ERP
What is Model Inheritance in Odoo 17 ERPCeline George
 
Choosing the Right CBSE School A Comprehensive Guide for Parents
Choosing the Right CBSE School A Comprehensive Guide for ParentsChoosing the Right CBSE School A Comprehensive Guide for Parents
Choosing the Right CBSE School A Comprehensive Guide for Parentsnavabharathschool99
 
Influencing policy (training slides from Fast Track Impact)
Influencing policy (training slides from Fast Track Impact)Influencing policy (training slides from Fast Track Impact)
Influencing policy (training slides from Fast Track Impact)Mark Reed
 
Activity 2-unit 2-update 2024. English translation
Activity 2-unit 2-update 2024. English translationActivity 2-unit 2-update 2024. English translation
Activity 2-unit 2-update 2024. English translationRosabel UA
 

Recently uploaded (20)

THEORIES OF ORGANIZATION-PUBLIC ADMINISTRATION
THEORIES OF ORGANIZATION-PUBLIC ADMINISTRATIONTHEORIES OF ORGANIZATION-PUBLIC ADMINISTRATION
THEORIES OF ORGANIZATION-PUBLIC ADMINISTRATION
 
Daily Lesson Plan in Mathematics Quarter 4
Daily Lesson Plan in Mathematics Quarter 4Daily Lesson Plan in Mathematics Quarter 4
Daily Lesson Plan in Mathematics Quarter 4
 
LEFT_ON_C'N_ PRELIMS_EL_DORADO_2024.pptx
LEFT_ON_C'N_ PRELIMS_EL_DORADO_2024.pptxLEFT_ON_C'N_ PRELIMS_EL_DORADO_2024.pptx
LEFT_ON_C'N_ PRELIMS_EL_DORADO_2024.pptx
 
ENG 5 Q4 WEEk 1 DAY 1 Restate sentences heard in one’s own words. Use appropr...
ENG 5 Q4 WEEk 1 DAY 1 Restate sentences heard in one’s own words. Use appropr...ENG 5 Q4 WEEk 1 DAY 1 Restate sentences heard in one’s own words. Use appropr...
ENG 5 Q4 WEEk 1 DAY 1 Restate sentences heard in one’s own words. Use appropr...
 
Field Attribute Index Feature in Odoo 17
Field Attribute Index Feature in Odoo 17Field Attribute Index Feature in Odoo 17
Field Attribute Index Feature in Odoo 17
 
ISYU TUNGKOL SA SEKSWLADIDA (ISSUE ABOUT SEXUALITY
ISYU TUNGKOL SA SEKSWLADIDA (ISSUE ABOUT SEXUALITYISYU TUNGKOL SA SEKSWLADIDA (ISSUE ABOUT SEXUALITY
ISYU TUNGKOL SA SEKSWLADIDA (ISSUE ABOUT SEXUALITY
 
ANG SEKTOR NG agrikultura.pptx QUARTER 4
ANG SEKTOR NG agrikultura.pptx QUARTER 4ANG SEKTOR NG agrikultura.pptx QUARTER 4
ANG SEKTOR NG agrikultura.pptx QUARTER 4
 
Global Lehigh Strategic Initiatives (without descriptions)
Global Lehigh Strategic Initiatives (without descriptions)Global Lehigh Strategic Initiatives (without descriptions)
Global Lehigh Strategic Initiatives (without descriptions)
 
Karra SKD Conference Presentation Revised.pptx
Karra SKD Conference Presentation Revised.pptxKarra SKD Conference Presentation Revised.pptx
Karra SKD Conference Presentation Revised.pptx
 
YOUVE GOT EMAIL_FINALS_EL_DORADO_2024.pptx
YOUVE GOT EMAIL_FINALS_EL_DORADO_2024.pptxYOUVE GOT EMAIL_FINALS_EL_DORADO_2024.pptx
YOUVE GOT EMAIL_FINALS_EL_DORADO_2024.pptx
 
INTRODUCTION TO CATHOLIC CHRISTOLOGY.pptx
INTRODUCTION TO CATHOLIC CHRISTOLOGY.pptxINTRODUCTION TO CATHOLIC CHRISTOLOGY.pptx
INTRODUCTION TO CATHOLIC CHRISTOLOGY.pptx
 
Music 9 - 4th quarter - Vocal Music of the Romantic Period.pptx
Music 9 - 4th quarter - Vocal Music of the Romantic Period.pptxMusic 9 - 4th quarter - Vocal Music of the Romantic Period.pptx
Music 9 - 4th quarter - Vocal Music of the Romantic Period.pptx
 
Virtual-Orientation-on-the-Administration-of-NATG12-NATG6-and-ELLNA.pdf
Virtual-Orientation-on-the-Administration-of-NATG12-NATG6-and-ELLNA.pdfVirtual-Orientation-on-the-Administration-of-NATG12-NATG6-and-ELLNA.pdf
Virtual-Orientation-on-the-Administration-of-NATG12-NATG6-and-ELLNA.pdf
 
Barangay Council for the Protection of Children (BCPC) Orientation.pptx
Barangay Council for the Protection of Children (BCPC) Orientation.pptxBarangay Council for the Protection of Children (BCPC) Orientation.pptx
Barangay Council for the Protection of Children (BCPC) Orientation.pptx
 
Q4-PPT-Music9_Lesson-1-Romantic-Opera.pptx
Q4-PPT-Music9_Lesson-1-Romantic-Opera.pptxQ4-PPT-Music9_Lesson-1-Romantic-Opera.pptx
Q4-PPT-Music9_Lesson-1-Romantic-Opera.pptx
 
Concurrency Control in Database Management system
Concurrency Control in Database Management systemConcurrency Control in Database Management system
Concurrency Control in Database Management system
 
What is Model Inheritance in Odoo 17 ERP
What is Model Inheritance in Odoo 17 ERPWhat is Model Inheritance in Odoo 17 ERP
What is Model Inheritance in Odoo 17 ERP
 
Choosing the Right CBSE School A Comprehensive Guide for Parents
Choosing the Right CBSE School A Comprehensive Guide for ParentsChoosing the Right CBSE School A Comprehensive Guide for Parents
Choosing the Right CBSE School A Comprehensive Guide for Parents
 
Influencing policy (training slides from Fast Track Impact)
Influencing policy (training slides from Fast Track Impact)Influencing policy (training slides from Fast Track Impact)
Influencing policy (training slides from Fast Track Impact)
 
Activity 2-unit 2-update 2024. English translation
Activity 2-unit 2-update 2024. English translationActivity 2-unit 2-update 2024. English translation
Activity 2-unit 2-update 2024. English translation
 

Erau webinar april 2018 Aviation Cybersecurity

  • 2. Today’s Agenda
      - Welcome/Introduction – Bill Gibbs
      - Presentation – Dr. Remzi Seker
      - Questions and Answers
      - Upcoming Webinars
      - Certificate of Participation/eBadge
      - Optional Survey
      Bill Gibbs, Director Campus Outreach & Webinar Coordinator
  • 3. Dr. Remzi Seker
      - Professor, Computer Science, College of Engineering, ERAU Daytona Beach
      - Program Coordinator, MS Cybersecurity Engineering
      - Director of the Cybersecurity and Assured Systems Engineering (CyBASE) Center
      - Researches security of critical systems and computer forensics. Author of over 90 publications
      - Frequently interviewed by media
      - Ph.D. in Electrical Engineering and Computer Science, University of Alabama at Birmingham
  • 4. Aviation Cybersecurity: A Concise Introduction
      Remzi Seker, Ph.D., sekerr@erau.edu
      Program Coordinator, MS CybE, Embry-Riddle Aeronautical University – Daytona Beach
  • 5. Overview
      - The Evolution
      - Complexity
      - Challenge
      - Cybersecurity
      - Some Technologies…
      - SWIM
      - Connectivity
      - EMS/GEMS
      - ADS-B
      - UAS
  • 6. The Evolution
      - Systems evolve over time
      - Aviation systems are no exception
      - How do they evolve?
      - Computing
      - Communication
      - Control
      - Evolution in these results in new threats
  • 7. The Evolution -2
      - Do new threats surface only because systems evolve?
  • 8. The Evolution -2
      - Do new threats surface only because systems evolve?
      - No.
      - What else produces new threats?
      - The environment!
      - What does evolution have to do with safety or security?
      - Increased threats
      - Increased complexity
  • 9. The Challenge
      - Time to ponder.
      - Safety-critical systems, e.g. DAL-A (catastrophic), are expensive to develop
      - Development highly regulated
      - Changes are expensive
      - When the aviation industry develops a technology, the average expected lifetime of the product line is ~30 years
      - That’s nice; the question is
      - How are we going to maintain certification as airplanes turn into flying computers that are networked?
  • 10. Cybersecurity and IoW
      - As the airframes are increasingly controlled by computers and connected to terrestrial systems such as SWIM
      - We need to worry about cybersecurity issues
      - Many people have heard of the concept Internet of Things (IoT)
      - That doesn’t really apply to aviation systems (too generic)
      - What we have here is actually the Internet of Wings (IoW) in the making
  • 11. Some Technologies
      - Let’s grasp the big picture: Where are all the computers?
      - Airports: checking, luggage, ground operations, ...
      - Maintenance Workshops
      - National Air Space Operators’ (FAA, EUROCAE, …) systems: SWIM, EMS/GEMS, …
      - Onboard aircraft: ADS-B, ACARS, EFB, …
  • 12. SWIM and Aircraft Connectivity
      - We will now identify some threats associated with Aircraft connectivity to SWIM
      - We will keep our scope limited to EFBs only
  • 13. System Wide Information Management (SWIM)
      - Shares National Airspace (NAS) data among the stakeholders
      - Service Providers
      - government agencies
      - organizations
      - commercial organizations
      - Faster integration of new NAS services
      - Message exchange mechanisms
      - Discovery of services
      - Service performance monitoring
      - Secure execution environment
  • 14. Aircraft Access to SWIM (AAtS)
      - Current System
      - Voice communication: read back clarity and frequency interference.
      - Lack of real-time weather modeling, aeronautical, and traffic information
      - Lack of real-time access to flight information and weather information provided by aircraft sensors or crew by the Air Traffic Management (ATM).
      - Inefficient decision making by the flight crew due to the lack of comprehensive real-time National Airspace (NAS) data.
      - AAtS Provides
      - NAS services to the crew via SWIM infrastructure
      - Ground-to-air information exchange between aircraft and NAS services
      [Figure: AAtS data flow. Labels: Data Sources (Weather Data, Flight Data, Aeronautical Data), SWIM, NESG, DMS, AOC/FOC, Air Traffic Management System, Command & Control, Situational Data]
  • 15. AAtS Components
      - Aircraft:
      - Primarily a consumer of National Airspace (NAS) data
      - Electronic Flight Bag (EFB) available to the pilot and the crew
      - NAS service provider by supplying sensor data as well as visually conceived weather information
      - Aircraft received data include:
      - air traffic management (ATM) data,
      - weather data,
      - notices to airmen (NOTAMs),
      - special activity airspace (SAA),
  • 16. AAtS Components -2
      - Data Management Service (DMS):
      - Responsible for managing the data flow between the NAS Enterprise Security Gateway (NESG) and the aircraft.
      - Manages the access and services among the shared data providers and the data consumer (aircraft).
      - Network establishment
      - Connection to NESG and to the aircraft
      - Service registration, publication, and subscription
      - Protocol translation between the NESG and aircraft client
      - Data filtering, data validation, data provision
      - Data Link Service (DLS):
      - Responsible for the network connection between the DMS and the aircraft
      - Providing the network services as well as routing the data via the appropriate protocol and path
  • 17. Threat Identification
      - Access
      - Misuse
      - Disclose
      - Modify
      - Deny access
  • 18. Threat Identification
      - TH1: Improper traffic from the EFB blocking bandwidth -> Denial of Service (DoS).
      [Figure: EFB-to-DMS network diagram (flight deck EFB, WiFi access point/router, cabin traffic, Data Link Service, DLSP proxy, the Internet, DMS proxy, DMS firewall + IPS, DMS server, certificate authority). Annotation: streaming media.]
  • 19. Threat Identification
      - TH2: Cabin user gaining unauthorized access to DLS and conducting DoS through extreme consumption of the bandwidth.
      [Figure: EFB-to-DMS network diagram. Annotations: Device A (in EFB subnet); cabin user gets the EFB WiFi key; malicious outbound DoS packets.]
  • 20. Threat Identification
      - TH3: Cabin user gaining unauthorized access to Wireless Access Point/Router to change configuration settings.
      [Figure: EFB-to-DMS network diagram. Annotations: Device A; unauthorized access gained because of weak router password.]
  • 21. Threat Identification
      - TH4: Authenticated cabin user consuming the DLS bandwidth and conducting DoS.
      [Figure: EFB-to-DMS network diagram. Annotation: cabin user streaming media over encrypted VPN.]
  • 22. Threat Identification
      - TH5: Authenticated user conducting reconnaissance on the DLSP’s network for mapping the network along with fingerprinting servers.
      [Figure: EFB-to-DMS network diagram. Annotations: cabin user; run Nmap in network; generate the network map.]
  • 23. Threat Identification
      - TH6: External DoS attacks on the DLSP servers by using a discovered IP address/hostnames of servers on the DLSP’s network.
      [Figure: EFB-to-DMS network diagram. Annotations: bandwidth flood and packet flood by EFB user; bandwidth flood and packet flood by external user; external DDoS attack on the DLSP proxy server through packet flood, by an attacker and by a cabin user.]
  • 24. Threat Identification
      - TH7: Conducting DoS against the Wireless Access Point/Router onboard the aircraft.
      [Figure: EFB-to-DMS network diagram. Annotations: Device A (different subnet); 3 Watt handheld WiFi signal jammer.]
  • 25. Threat Identification
      - TH8: MITM attacks on the EFB-DMS path.
      [Figure: EFB-to-DMS network diagram. Annotations: victim (flight deck EFB); MITM connection; TH8-Test1 MITM attack on the EFB-DMS path.]
  • 26. Threat Identification
      - TH9: DoS/DDoS attacks against the DMS.
      [Figure: EFB-to-DMS network diagram. Annotations: excessive login attempts by a cabin user and by an external user; DoS and DDoS attack; external DoS and DDoS attack.]
  • 27. AAtS Wrap up
      - We went over some of the threats for EFB connectivity
      - The next step would be to conduct risk analysis and discuss how the threats can be alleviated
      - We didn’t even cover the EMS/GEMS type of subsystems or technologies like AeroMACS
      - For the sake of diverse coverage, let’s move on to ADS-B…
  • 28. ADS-B
      - ADS-B is the technology that has been heralded by the Federal Aviation Administration (FAA) and other civil aviation authorities as central to modernizing the state of airspace management across the globe
      - Chosen under the NextGen Air Transportation System and Single European Sky programs to improve the accuracy of radar-based traffic information used by air traffic controllers
  • 29. Standardization & Adoption
      - ADS-B standard has been jointly developed by RTCA and EUROCAE.
      - Within the US, ADS-B implementation is guided by:
      - DO-242A: Minimum Aviation System Performance Standards for Automatic Dependent Surveillance – Broadcast (ADS-B)
      - DO-260B: Minimum Operational Performance Standards for 1090 MHz Extended Squitter ADS-B and TIS-B
      - DO-282B: Minimum Operational Performance Standards for Universal Access Transceiver (UAT) ADS-B
      - Already fully deployed in Australia, Europe, and parts of Canada.
      - Required equipment within the US in certain airspaces by 2020 [3].
  • 30. ADS-B Intro
      - ADS-B intends to improve on its Secondary Surveillance Radar (SSR) predecessors in distinct ways
      1. It is automatic, in the sense that no controller or pilot action is required to transmit aircraft information to nearby receivers.
      2. It is dependent surveillance, in that the accuracy of transmitted information is dependent on the existence of adequate navigational information onboard the aircraft (e.g. GPS).
      3. It is a one-way broadcast in nature, in the sense that aircraft information is transmitted without a priori knowledge of who will actually receive it.
  • 31. ADS-B Intro
      - ADS-B has been approved for operation on two separate data links: 978MHz and 1090MHz.
      - The former is referred to as Universal Access Transceiver (UAT), and is intended predominantly for use by general aviation operators.
      - The latter, on the other hand, is generally referred to as Extended Squitter Mode S (1090ES), and is intended predominantly for use by commercial aviation operators.
      - ADS-B services can then be further categorized into ADS-B In and ADS-B Out.
      - ADS-B Out consists of all functionality pertaining to the automatic broadcast of aircraft parameters by participants
      - ADS-B In consists of all functionality pertaining to the receipt, processing, and presentation of this information to pilots and controllers
  • 32. ADS-B Intro
      - While ADS-B data links exist on separate frequencies, probably the most significant difference between them is the length of messages available to broadcast the same types of information to nearby aircraft.
      - For the 1090ES data link, messages are only 14 bytes long,
      - UAT messages can be anywhere from 18-34 bytes long depending on the payload type.
      - As stated by DO-260B, the “maximum ADS-B message transmission rate [for an aircraft] shall not exceed 6.2 transmitted messages per second”
  • 33. ADS-B Fundamentals
      - Approved for use on two data links: UAT (978 MHz) & 1090ES (1090 MHz)
      - Let’s focus on the latter, due to resource limitations, constraints, and limited focus within research domain.
      - Since the 1090MHz frequency is shared with all other legacy SSR systems, an ADS-B message begins with the declaration of the ADS-B downlink format number (17).
      - Then comes a description of the Mode S transponder (CA), followed by
      - The transponder’s 24-bit ICAO address (AA), message parameters (ME), and parity check bits (PI)

      Bit #            1 – 5         6 – 8    9 – 32              33 – 88   89 – 112
      Field Name [n]   DF = 17 [5]   CA [3]   AA ICAO Code [24]   ME [56]   PI [24]
  • 34. ADS-B Fundamentals
      - A variety of ground-to-air services include:
      - Automatic Dependent Surveillance – Rebroadcast (ADS-R): Rebroadcast system to connect UAT and 1090ES.
      - Flight Information Service – Broadcast (FIS-B) (UAT only): Weather flight information system.
      - Traffic Information Service – Broadcast (TIS-B): “ADS-R” that tracks non-ADS-B Mode S flights (SSR).

      Bit #            1 – 5         6 – 8    9 – 32              33 – 88   89 – 112
      Field Name [n]   DF = 17 [5]   CA [3]   AA ICAO Code [24]   ME [56]   PI [24]
  • 35. Problem
      - There are growing privacy and security concerns within the aviation sector with respect to ADS-B: “General aviation operators are concerned about potential privacy and security implications resulting from equipping their aircraft with ADS-B. … The core concern of the operator community is real-time tracking of the geographic location of a specific aircraft”.
      - The FAA response was the following: “[We have] determined that equipping aircraft with ADS-B does not materially change the ability to track aircraft, because aircraft that currently operate with a Mode S transponder already transmit their ICAO [International Civil Aviation Organization] 24-bit code”.
  • 36. Anonymity
      - UAT data link has provisions for a self-assigned aircraft code that is based on the location at which this feature was enabled.
      - Only available for aircraft that don’t want ATC services, since the true registration identity cannot be determined.
      - No guarantee of aircraft code uniqueness.
      - Aircraft tend to operate on predictable routes or based out of particular airports… too easy to narrow the range of codes for an observer.
      - What to do if this won’t work for 1090ES, and if just about all information about an aircraft is available online?
  • 37. Attacks
      - These types of attacks are possible
      - Disruption of GPS readings
      - Wireless jamming of surveillance-related communications
      - Manipulation of ADS-B transmissions
      - Message Injection (target ghost injection, flooding)
      - Message Deletion (aircraft obfuscation)
      - Message Modification (trajectory modification, aircraft impersonation)
  • 38. Proposed Measures
      - Private Aircraft Registry
      - Anonymity Mode for 1090ES
      - Hash-based message authentication code (HMAC) of 128 bits be determined and split across these messages within the PI field
      - Others… That end up changing the ADS-B specification…
  • 39. Some Cybersecurity Standards for Aircraft
      - Standard development for cybersecurity in aviation industry has been going on for a few years.
      - There is still much work; the two most prominent standards are
      - DO-356 Airworthiness Security Methods and Considerations
      - DO-355 Information Security Guidance for Continuing Airworthiness
  • 40. A Few Words on UAS
      - Technology rapidly evolving and becoming ubiquitous
      - Definitely part of IoW ecosystem
      - Many use case scenarios
      - Some legitimate uses
      - Payload sharing
      - UAS as a Service
      - Some unpleasant scenarios
      - Terrorism
      - Warfighting
      - ADS-B spoofing
      - ….
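
The 1090ES frame layout from the ADS-B Fundamentals slides (DF, CA, AA, ME, PI over 112 bits), written out as a parser with a parity check. This is an added example, not code from the presentation. The function names and the sample frame are constructed for illustration, and the Mode S generator polynomial is supplied here because the slides do not state it.

```python
from dataclasses import dataclass

FRAME_BYTES = 14              # 1090ES ADS-B message: 112 bits (14 bytes)
ADSB_DF = 17                  # downlink format number declared in bits 1-5
MODE_S_GENERATOR = 0x1FFF409  # 25-bit Mode S parity generator (not on the slides)


@dataclass(frozen=True)
class AdsbFrame:
    df: int          # bits 1-5: downlink format
    ca: int          # bits 6-8: transponder capability
    icao: int        # bits 9-32: 24-bit ICAO address (AA)
    me: bytes        # bits 33-88: 56-bit message parameters
    pi: int          # bits 89-112: parity as received
    parity_ok: bool  # True when PI matches the parity computed over bits 1-88


def mode_s_crc(data: bytes) -> int:
    """Return the 24-bit remainder of `data` divided by the Mode S generator."""
    rem = 0
    for byte in data:
        rem ^= byte << 16                 # feed next byte into the top of the register
        for _ in range(8):
            rem <<= 1
            if rem & 0x1000000:           # bit 24 set: subtract the generator
                rem ^= MODE_S_GENERATOR
    return rem & 0xFFFFFF


def parse_1090es(frame: bytes) -> AdsbFrame:
    """Split a raw 14-byte frame into the fields shown on the slide."""
    if len(frame) != FRAME_BYTES:
        raise ValueError(f"expected {FRAME_BYTES} bytes, got {len(frame)}")
    df = frame[0] >> 3
    if df != ADSB_DF:
        raise ValueError(f"not an ADS-B extended squitter: DF={df}")
    pi = int.from_bytes(frame[11:14], "big")
    return AdsbFrame(
        df=df,
        ca=frame[0] & 0x07,
        icao=int.from_bytes(frame[1:4], "big"),
        me=frame[4:11],
        pi=pi,
        parity_ok=mode_s_crc(frame[:11]) == pi,
    )


def build_frame(ca: int, icao: int, me: bytes) -> bytes:
    """Assemble a constructed DF17 frame for the demo (hypothetical helper)."""
    if not (0 <= ca < 8 and 0 <= icao < 1 << 24 and len(me) == 7):
        raise ValueError("field out of range")
    body = bytes([(ADSB_DF << 3) | ca]) + icao.to_bytes(3, "big") + me
    return body + mode_s_crc(body).to_bytes(3, "big")


if __name__ == "__main__":
    # Constructed sample values, not a captured transmission.
    frame = build_frame(ca=5, icao=0xABCDEF, me=bytes.fromhex("00112233445566"))
    print(frame.hex(), parse_1090es(frame))

    damaged = bytearray(frame)
    damaged[6] ^= 0x10                    # one bit corrupted inside ME
    print("parity after corruption:", parse_1090es(bytes(damaged)).parity_ok)
```

PI is an unkeyed checksum: it detects corruption in transit, but a passing check says nothing about who sent the frame, which is the gap the HMAC item on the Proposed Measures slide is aimed at.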